VPNs are Lying About Logs (Alarming Info)

Be careful.

A recent court case in Massachusetts has once again proven that some VPN services with “zero log” policies are indeed keeping logs and handing this information over to authorities.

In this guide we’ll examine the recent case and other examples to illustrate what’s going on and how you can protect yourself.

Here’s what you need to know.

Law enforcement vs “no logs”

PureVPN was recently caught red-handed.

The Department of Justice just published a complaint involving a cyberstalking case. The case involved a US resident who was allegedly stalking and harassing people while using PureVPN.

The relevant section of the complaint appears at the bottom of page 22:

While it is difficult to determine exactly what details these “records” (logs) contained, it is clear that enough information was provided for law enforcement officials arrest the PureVPN user on cyberstalking charges.

The FBI complaint above clearly appears to contradict the PureVPN privacy policy – notably this section here:

But this isn’t the first time law enforcement agencies have rained on the “no logs” VPN party.

According to a post on WipeYourData (site is now offline), a user of the “absolutely no logs” EarthVPN service was arrested with the help of “connection logs” obtained by police. While the post is short on details, it states Dutch police used these “connection logs” to arrest the EarthVPN user for allegedly making bomb threats.

When the story broke, EarthVPN allegedly blamed the datacenter where the server was located, but commenters suggested that the VPN may have handed over information to police. (There’s no way to know for sure and the original report is short on details.)

And finally, there’s also the case with HideMyAss.

According to Invisibler, Hide My Ass VPN, the UK-based VPN service, appears to have cooperated with US authorities in handing over logs in a hacking case. This led to the arrest of a hacker in what is known as the “LulzSec fiasco”.

There are likely more examples that we will never know about where VPNs have handed over customer data (logs) to authorities.

Contradictory “no logs” claims

Further adding to the confusion is that there is no standard definition of “logs” or “no logs” used across the VPN industry. As you will see below, many VPNs come up with their own convoluted definitions.

Here are two examples where the marketing claims seem to contradict the privacy policies.

Example 1: Betternet

Betternet privacy policy:

Betternet may collect the connection times to our Service and the total amount of data transferred per day… Betternet uses third-parties (the “Third Party”) for advertisement. Third Party may use technologies to access some data including but not limited to cookies to estimate the effectiveness of their advertisements.

Example 2: PureVPN

Now returning again to the PureVPN privacy policy, notice the first and second-to-last sentences:

Apparently keeping “connection and bandwidth” is part of PureVPN’s “zero log policy”.

It seems many people will just look for the “no logs” claims on the homepage and never read the fine print in the privacy policy.

These contradictory claims are fairly common with VPNs.

Red flags with VPN logs

How do you know if you can trust what your VPN says about logs?

There is no concrete answer here, but you can watch out for these red flags:

• Contradictory statements – Compare the marketing statements to the privacy policy. If they contradict each other, you may have a problem.
• Restrictions + “no logs” – If a VPN is enforcing restrictions, this often requires some form of logging. While connection restrictions can perhaps be implemented in real time, bandwidth restrictions require logging.
• Jurisdiction – VPNs in certain jurisdictions, such as the US and UK, may be compelled to hand over information to government authorities. VPNs in the US, for example, can be forced to monitor/log their users by government authorities while being prohibited from disclosure (gag orders).

VPN logs are generally a grey area.

Reading the fine print will help you sort through the noise.

How to protect yourself

Here are five ways to protect yourself from a VPN service or server that may be compromised:

• Verified “no logs” claims – There have been two examples where “no logs” claims have prevailed over law enforcement. Private Internet Access had their “no logs” claims tested and verified in US court last year. In another example, Perfect Privacy had two of their servers seized in Rotterdam (also reported by TorrentFreak). According to Perfect Privacy, customer data remained safe due to the server configuration and their strict “no logs” policies.
• Multi-hop VPN – One way to protect yourself if a VPN server is compromised is through a multi-hop VPN configuration. A multi-hop configuration will help to mask incoming and/or outgoing traffic. Both ZorroVPN and Perfect Privacy offer self-configurable multi-hop VPN chains with up to four servers. VPN.ac offers 18 different double-hop configurations.
• VPN + Tor – If done correctly, using a VPN in combination with the Tor network can further protect users (but performance will drop significantly).
• Multiple VPN services – Using more than one VPN service at the same time will also provide more anonymity. A simple way to implement this setup would be to use one VPN on a router, and then connect to that network through another VPN on your computer/device. Implementing this technique with virtual machines is another option. (The main drawback will again be performance.)
• Privacy-friendly jurisdiction – Choosing a VPN that is outside the 5/9/14 Eyes surveillance countries may offer further protection. Nonetheless, this is no silver bullet. As we saw with PureVPN, being operated in Hong Kong does not mean they won’t cooperate with US authorities.

VPN logs are not necessarily a bad thing. It all depends on your threat model and how much privacy and online anonymity you seek to achieve.

Many VPN providers keep some logs and clearly explain this on their website. Two examples of logging transparency are VyprVPN and ExpressVPN (ExpressVPN recently revised its website to further clarify their policies). But there are other VPN services that keep or “retain” data, while falsely claiming to be “no logs” on their homepage (red flag).

The key is to understand what’s going on with these policies, look for honest and transparent providers, and take extra precautions if you want to achieve higher levels of online anonymity.

Final Disclaimer and Instructions from NetTodays

NetTodays is a platform for Best VPN Review and Which VPN Service is Best for you.  How to get Best Free VPN Review without the expense. NetTodays suggest how to utilize the most recent VPN and reviews about What is the Best VPN for Netflix. Best VPN built for speed, you can select a server at the country or city level and can favorite a location for future use. NetTodays help you to understand that What is the Best VPN on the Market. NetTodays provide you all these reviews and recondition about Best VPNs for Gaming

A VPN is a service that both encrypts your data and hides your IP address by bouncing your network activity through a secure chain to another server miles away. This obscures your online identity, even on public Wi-Fi networks, so you can browse the internet safely, securely, and anonymously.

NetTodays gives you answers to all questions which are in your mind about VPN.

NetTodays also suggest continually utilizing Best VPN when you are using a newer Wi-Fi Network. Here is a decent dependable guideline: If you’re away from the workplace or home, and you’re utilizing another person’s Wi-Fi (even that of a relative or a companion, since you can’t be sure whether they’ve been compromised), utilize a VPN. It’s especially significant in case you’re getting to help that has specifically distinguishing data. Keep in mind, a great deal goes on in the background, and you never truly know whether at least one of your applications is verifying behind the scenes and putting your data in danger.